U.S. CitiesCity-Data Forum Index
Go Back   City-Data Forum > General Forums > Science and Technology > Internet
 [Register]
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
View detailed profile (Advanced) or search
site with Google Custom Search

Search Forums  (Advanced)
 
Old 11-02-2011, 01:03 PM
 
Location: Somewhere in northern Alabama
18,526 posts, read 55,444,914 times
Reputation: 32227

Advertisements

<sigh> Another one.

Add this addy to your localhost file just in case as a temporary measure. 206.183.111.97 Watch for updates to antivirus, and hold off on sending and receiving Word format docs until the fix is available.

Encyclopedia entry: Trojan:Win32/Duqu.C - Learn more about malware - Microsoft Malware Protection Center
Reply With Quote Quick reply to this message

 
Old 11-03-2011, 12:19 PM
 
28,607 posts, read 40,593,270 times
Reputation: 37271
Thanks. Done.
Reply With Quote Quick reply to this message
 
Old 11-04-2011, 12:45 PM
 
Location: Silicon Valley
3,685 posts, read 8,494,847 times
Reputation: 2978
Quote:
Originally Posted by harry chickpea View Post
<sigh> Another one.

Add this addy to your localhost file just in case as a temporary measure. 206.183.111.97
I'm not sure what you mean here. You can blackhole a hostname with your hosts file, by mapping it to the loopback interface address (127.0.0.1), but you can't do that with a numerical IP address. You can't do anything with DNS to block it either. Those only work if the hostname has to be looked up first, but it sounds like the virus already contain a hard-coded IP address to contact.

To block access to a numerical IP address, you'd have to block access to it it with a firewall or filter (Peerblock or similar) on your PC or router, or insert a bogus route on your PC or router so the traffic could never reach its destination.
Reply With Quote Quick reply to this message
 
Old 11-04-2011, 02:45 PM
 
Location: Somewhere in northern Alabama
18,526 posts, read 55,444,914 times
Reputation: 32227
Quote:
Originally Posted by MediocreButArrogant View Post
I'm not sure what you mean here. You can blackhole a hostname with your hosts file, by mapping it to the loopback interface address (127.0.0.1), but you can't do that with a numerical IP address. You can't do anything with DNS to block it either. Those only work if the hostname has to be looked up first, but it sounds like the virus already contain a hard-coded IP address to contact.

To block access to a numerical IP address, you'd have to block access to it it with a firewall or filter (Peerblock or similar) on your PC or router, or insert a bogus route on your PC or router so the traffic could never reach its destination.
You are right, of course. Brain fart here. Thanks for the correction of something that should have been obvious to me.
Reply With Quote Quick reply to this message
 
Old 11-04-2011, 07:23 PM
 
10,752 posts, read 18,003,358 times
Reputation: 10244
MS has a work around until it's patched.
Microsoft announces workaround for the Duqu exploit | Naked Security
Reply With Quote Quick reply to this message
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.

Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.


Reply
Please update this thread with any new information or opinions. This open thread is still read by thousands of people, so we encourage all additional points of view.

Quick Reply
Message:

Over $104,000 in prizes was already given out to active posters on our forum and additional giveaways are planned!

Go Back   City-Data Forum > General Forums > Science and Technology > Internet
Similar Threads
Follow City-Data.com founder on our Forum or

All times are GMT -6. The time now is 06:34 AM.

© 2005-2019, Advameg, Inc. · Please obey Forum Rules · Terms of Use and Privacy Policy · Bug Bounty

City-Data.com - Archive 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35 - Top